Tuesday, May 29, 2018

Wildcard certificates from Let's Encrypt

Let's Encrypt started offering wildcard certificates a while back, but not all client programs are able to take advantage of the new API. This Microsoft blog post is a very good guide to using the official certbot client under Bash on Ubuntu on Windows. Two things to note:

  1. *.example.com does not cover the bare domain example.com, so you need two names on the certificate: -d example.com -d *.example.com. Each name gets its own DNS challenge, so this will require putting two different TXT records into the same DNS zone.
  2. It can take a while for the DNS changes to become visible to Let's Encrypt. I used Google's dig tool to check that both TXT records were consistently being returned. (Different nameservers may pick up the changes at different times.) Only press Enter on the second verification after both records are live.
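Step 2 as a small script, added here and not taken from the Microsoft post or from certbot: it asks several public resolvers for the _acme-challenge TXT records and succeeds only when both values that certbot printed are visible on every one of them. The resolver list, the file name and the sample tokens are assumptions.

```shell
#!/bin/sh
# Check that both ACME DNS-01 challenge values for a wildcard request are
# visible on several public resolvers before telling certbot to continue.
# certbot prints the two TXT values it expects; pass them as arguments.

# all_tokens_present DIG_OUTPUT TOKEN...
# DIG_OUTPUT is the text from `dig +short TXT _acme-challenge.<domain>`,
# one double-quoted string per line. Succeeds only when every token is
# present as a complete record (a stale record from an earlier run is
# harmless, a missing one is not; -x rejects partial matches).
all_tokens_present() {
    output=$1
    shift
    for token in "$@"; do
        printf '%s\n' "$output" | grep -qxF "\"$token\"" || return 1
    done
    return 0
}

# Assumption: any public resolvers will do; add your own authoritative
# servers if the zone is hosted on several of them.
RESOLVERS="8.8.8.8 1.1.1.1 9.9.9.9"

# missing_resolvers DOMAIN TOKEN... prints each resolver that does not yet
# return every token; prints nothing (and succeeds) when all agree.
missing_resolvers() {
    domain=$1
    shift
    rc=0
    for ns in $RESOLVERS; do
        answer=$(dig +short "@$ns" TXT "_acme-challenge.$domain" 2>/dev/null)
        all_tokens_present "$answer" "$@" || { echo "$ns"; rc=1; }
    done
    return $rc
}

# Usage: sh check_acme_txt.sh example.com TOKEN_FOR_APEX TOKEN_FOR_WILDCARD
# Exit status 0 means it is safe to press Enter in certbot.
if [ "$#" -ge 3 ]; then
    missing_resolvers "$@" && echo "both records visible on every resolver"
fi
```

Re-run it until it exits 0; a resolver listed in the output is still serving the old zone contents.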
